explainer-video-guide

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • REMOTE_CODE_EXECUTION (CRITICAL): The skill contains the command curl -fsSL https://cli.inference.sh | sh. This is a highly dangerous pattern that downloads a script from an untrusted external domain and executes it directly in the shell without any verification or integrity checks.
  • EXTERNAL_DOWNLOADS (MEDIUM): The 'Related Skills' section uses npx skills add to fetch additional skills from the inference-sh repository. Since this organization is not on the trusted sources list, these dependencies are unverifiable.
  • COMMAND_EXECUTION (LOW): The skill is configured with allowed-tools: Bash(infsh *), which allows for broad command execution using the infsh utility. While this is the intended purpose of the skill, it increases the potential impact of any command-based exploitation.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill processes user-provided strings within shell commands via the --input flag. 1. Ingestion points: SKILL.md (via infsh app run command inputs). 2. Boundary markers: None detected (prompts are wrapped in single quotes, which are susceptible to shell escaping). 3. Capability inventory: Full bash access via the infsh tool. 4. Sanitization: None detected.
Recommendations
  • HIGH: Downloads and executes remote code from: https://cli.inference.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 18, 2026, 02:00 AM